Univention Bugzilla – Bug 38557
Administrator can't override Domain lockout
Last modified: 2015-05-28 16:50:31 CEST
If the user is logged out of a Windows Workstation, because the domain logout policy was set in Samba 4, the administrator is unable to disable the logout from the UMC. Even setting a new password does not resolve the issue. Thus the Customer has no other chance then to wait for the logout to timeout. Expected would be that, if a new password is set via the UMC, the logout is disabled by the S4 connector. Critical as it severely hampers Operations, when users have to wait for the timeout. Expected would be: user goes to helpdesk, helpdesk sets new password, user can login with the new password.
Frustratingly even the with the samba-tool user enable the logout can't be disabled.
Created attachment 6910 [details] reset_lockout_values.patch
(In reply to Stefan Gohmann from comment #2) > Created attachment 6910 [details] > reset_lockout_values.patch This patch resets the lockout values.
I've applied the patch: r60901 YAML: r60902
Patch is in the built code, works and advisory is ok.
<http://errata.univention.de/ucs/4.0/204.html>